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DETAILED ACTION 

1 . This action is responsive to communication: original application filed on 2 January 2004, 
with acknowledgement that this application is continuation in part of application 10/609,586 
which claims benefit of provisional application filed 23 May 2003. 

2. Claims 1-73 are currently pending in this application. Claims 1 and 38 are independent 
claims. 

3. The IDS submitted 4 October 2004, 5 June 2006, and 22 January 2007 has been 
considered. 

4. Amendment to FIG. 1 is accepted. 

Double Patenting 

5. A rejection based on double patenting of the "same invention" type finds its support in 
the language of 35 U.S.C. 101 which states that "whoever invents or discovers any new and 
useful process ... may obtain a patent therefor ..." (Emphasis added). Thus, the term "same 
invention," in this context, means an invention drawn to identical subject matter. See Miller v. 
Eagle Mfg Co,, 151 U.S. 186 (1894); In re Ockert, 245 F.2d 467, 1 14 USPQ 330 (CCPA 1957); 
and In re Vogel 422 F.2d 438, 164 USPQ 619 (CCPA 1970). 

A statutory type (35 U.S.C. 101) double patenting rejection can be overcome by 
canceling or amending the conflicting claims so they are no longer coextensive in scope. The 
filing of a terminal disclaimer cannot overcome a double patenting rejection based upon 35 
U.S.C. 101. 

6. Claims 1-5, 9-28, 34-42, 46-64, and 72-73 are provisionally rejected under 35 U.S.C. 101 
as claiming the same invention as that of claims 1-57 of copending Application No. 10/609,586. 
This is a provisional double patenting rejection since the conflicting claims have not in fact been 
patented. 

7. Claims 1-5, 9-28, 34-42, 46-64, and 72-73 of this application conflict with claims 1-57 of 
Application No. 10/609,586. 37 CFR 1 .78(b) provides that when two or more applications filed 



Application/Control Number: 10/749.558 Page 3 

Art Unit: 2134 

by the same applicant contain conflicting claims, elimination of such claims from all but one 
application may be required in the absence of good and sufficient reason for their retention 
during pendency in more than one application. Applicant is required to either cancel the 
conflicting claims from all but one application or maintain a clear line of demarcation between 
the applications. See MPEP § 822. 

Claim Rejections - 35 USC§103 

8. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or 
described as set forth in section 102 of this title, if the differences between the subject matter 
sought to be patented and the prior art are such that the subject matter as a whole would have 
been obvious at the time the invention was made to a person having ordinary skill in the art to 
which said subject matter pertains. Patentability shall not be negatived by the manner in which 
the invention was made. 

9. Claims 1-5, 10-13, 15-17, 20, 21, 27, 38-42, 46-50, 52-54, 57, 58, 62 are rejected under 
35 U.S.C. 103(a) as being unpatentable over Murphy et al. US Patent No. 6,226,744 (hereinafter 
'744). 

As to independent claim 38 ^'An authentication method comprising: storing on a 
personal authentication device (PAD) at least one CA public key, each public key 
associated with a certificate authority (CA); receiving one or more digital certificates; 
authenticating the one or more received digital certificates using the at least one stored CA 
public key; generating at least one service based on the one or more authenticated digital 
certificates" is taught in '744 col. 5, lines 52-65 "FIG. 3 is a block flow diagram of steps 
performed in accordance with one embodiment of the invention. As shown in FIG. 3, a Certified 
Authority (CA) distributes smart card 10 to a user at step 50. Smart card 10 stores user 
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information provided by the CA, such as tokens, digital signatures, certificates, tickets, PIN, 
human resources identification number, and so forth, or personal information provided by the 
user such as a social security number, birth date, mother's maiden name, etc. Smart card 10 also 
performs data encryption and decryption functions, stores DES secret keys and digital 
certificates, and will generate and store public and private RS A cryptographic key pairs. Smart 
card 10 has an on-board math co-processor that performs the key generation and 
encryption/decryption calculations'', note the PAD is interpreted to be equivalent to a smart card; 
the following is note explicitly taught in '744: "and outputting the at least one service key" 
however '744 teaches "It is worthy to note that the specific data being stored and retrieved from 
the smart card in this example of a smart card interface module is in the form a user's social 
security number (SSN) for use in authenticating the user. It can be appreciated, however, that any 
type of data could be stored or retrieved from the smart card, such as tickets, certificates, 
public/private keys, and so forth" in col. 7, lines 22-28, note the Examiner interprets the other 
data to be equivalent to a 'service key'. 

It would have been obvious to one of ordinary skill in the art at the time of the invention 
of a user authentication system using a smart card taught in '744 to include a means to utilize the 
smart card to output service keys. One of ordinary skill in the art would have been motivated to 
perform such a modification because user authentication protocols suffer from weakness due to 
exposure see '744 (col. 2, lines 15 et seq.). "User authentication protocols, however, suffer from 
an inherent exposure to masquerading by malicious intruders. An intruder can spoof, intercept 
and replay the authentication messages. In cases where a secret is sent in clear text (as in most 
traditional log-in procedures), simple spoofing and replay is sufficient to break the protocol". 



Application/Control Number 10/749,558 Page 5 

Art Unit: 2134 

As to dependent claim 39, ^^further comprising: receiving at least one ticket- 
generation certificate indicating at least one service key generating program" is taught in 
'744 col 5, lines 52-65. 

As to dependent claim 40, ^'further comprising: authenticating the at least one 
received ticket-generation certificate using the at least one CA public key; and if the at 
least one ticket-generation certificate is authenticated, generating at least one service key 
based on the at least one service key generating program, wherein the at least one service 
key may be used by a user to obtain access to at least one service" is shown in '744 col. 5, 
lines 52-65. 

As to dependent claim 41, ^^further comprising: receiving a user-identification 
certificate comprising information uniquely associated with a user; authenticating the 
received user-identification certificate based on the at least one CA public key; and if the 
user-identification certificate is authenticated, authenticating the user based on the 
authenticated user-identification certificate" is disclosed in '744 col. 5, lines 52-65. 

As to dependent claim 42, ^^further comprising: receiving at least one user- 
qualification certificates indicating at least one service and one or more users who may 
access the at least one service; authenticating the at least one received user-qualification 
certificate based on the at least one CA public key; and if the at least one user-qualification 
certificate is authenticated, determining at least one service that the authenticated user 
may have access to based on the at least one authenticated user-qualification certificate" is 
taught in '744 col. 5, lines 52-65. 
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As to dependent claim 46, ^^storing on the personal authentication device (PAD) a 
PAD private key associated with the PAD" is shown in '744 col. 5, lines 52-65. 

As to dependent claim 47, ^^further comprising: receiving a PAD authentication 
request; responding to the PAD authentication request using the stored PAD private key; 
and outputting the response to the PAD authentication requesf is disclosed in '744 col. 5, 
lines 52-65. 

As to dependent claim 48, ^^further comprising: signing the at least one service key 
using the stored PAD private key" is taught in '744 col. 5, lines 52-65. 

As to dependent claim 49, ^^further comprising: decrypting contents on the one or 
more received digital certificates using the stored PAD private key, wherein the contents 
are encrypted with the corresponding PAD public key" is shown in '744 col. 5, lines 52-65. 

As to dependent claim 50, ^^further comprising: if the authenticated user is 
determined to have access to the services, authenticating the at least one ticket-generation 
certificate using the at least one CA public key; and if the at least one ticket-generation 
certificate is authenticated, generating at least one service key based on the at least one 
service key generating program, wherein the at least one service key may be used by a user 
to obtain access to at least one service" is disclosed in '744 col. 3, lines 31-45 and col. 5, lines 
52-65, note the smartcard is used to generate the required access codes. 

As to dependent claim 52, The method of claim 41, further comprising: receiving 
one or more received user credentials; and authenticating the user based on the 
authenticated user-identification certificate and the one or more user credentials" is shown 
in '744 col. 5, lines 52-65. 
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As to dependent claim 53, ^^ivherein the user credentials comprise one or more user 
private keys" is disclosed in '744 col 5, lines 52-65. 

As to dependent claim 54, ^^wherein the user credentials comprise a personal 
identification number (PIN) associated with the user, or information computed from the 
PIN" is taught in *744 col. 4, lines 15-27 "Information from the card is accessed using the 
program and a PIN, and is compared with server information. Access to the web site will be 
either allowed or denied based upon the results of the comparison". 

As to dependent claim 57 '^further comprising: receiving an operations certificate 
comprising information for controlling the operations of the PAD for a current session" is 
shown in '744 col. 6, line 64 through col. 7, line 10, note ability of the user to modify data stored 
on the smartcard is interpreted to be equivalent to controlling the operations of the PAD. 

As to dependent claim 58, ^Vherein the information for controlling the operations of 
the PAD for a current session comprises one or more of the following: information 
governing input and output of the PAD, challenge and response protocols for user and 
PAD authentication, secure protocols for receiving and outputting data, and protocols for 
PAD management purposes" is disclosed in '744 col. 6, line 64 through col. 7, line 10, note the 
user ability to change data is a management function. 

As to dependent claim 62, ^Vherein at least one of the one or more digital 
certificates is received from a storage medium or network interface" is taught in '744 col. 3, 
lines 31-45, note the client computer has a reader for communicating with the card the computer 
has an interface to the network. 



Application/Control Number: 10/749.558 Page 8 

Art Unit: 2134 

As to independent claim 1, this claim is directed to a personal authentication device 
utilizing the method of claim 38; therefore it is rejected along similar rationale. 

As to dependent claims 2-5, 10-13, 15-17, 20, 21, 27, these claims contain substantially 
similar subject matter as claim 39-42, 46-50, 52-54, 57, 58, 62; therefore they are rejected along 
similar rationale. 

10. Claims 6, 9, 18, 22-23, 43, 51, 55, 59, 60, and 66, are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Murphy et al. US Patent No. 6,226,744 (hereinafter '744) in view of de. 
Jong et al. US Patent No. 7,085,840 (hereinafter '840). 

As to dependent claim 43, the following is not explicitly taught in *744: "wherein the 
at least one service key comprises at least one cookie" however '840 teaches "FIG. 50 is a 
block diagram that illustrates using a smart card to securely store and reconfigure cookies in 
accordance with one embodiment of the present invention" in col. 10, lines 20-23. 

It would have been obvious to one of ordinary skill in the art at the time of the invention 
of a user authentication system using a smart card taught in '744 to include a means utilize 
cookies to distribute service keys. One of ordinary skill in the art would have been motivated to 
perform such a modification because the advent of the WWW has made more information 
available to use see '840 (col. 2, lines 24 et seq.). "The advent of the World Wide Web (WWW) 
has made much more information available for use by anyone with a computer having an 
Internet connection. Unfortunately, current methods make it relatively easy to identify a 
particular user with specific data about the user, thus raising privacy concerns". In addition '744 
was cited as a prior art reference by the Inventors of '840. 
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As to dependent 51, ^^wherein the one or more input means further receives one or 
more certificates comprising information for granting the user access to at least one 
additional service based on the at least one service" however '840 teaches "According to one 
embodiment of the present invention, a first credential is used to make a new credential having a 
more limited scope. For example, a first credential that grants access to view a web page or 
information unit may be used to create a second credential that provides access to a second Web 
page directly referenced by the first Web page for only 10 minutes. The same first credential 
might be used to create a third credential that provides access to any other Web pages referenced 
directly firom the current Web page. More examples of using one or more credentials to create 
another credential are presented below with reference to FIG. 39" in col. 16, lines 1-13 

As to dependent claim 55, ^'wherein the user credentials comprise biometric 
information associated with the user" however '840 teaches the use of biometrics in col. 15, 
lines 29-36. 

As to dependent claim 59, ^Vherein the information for controlling the operations of 
the PAD for a current session comprises information governing linking of one or more 
received certificates, and wherein the method further comprises: linking one or more 
received certificates based on one or more certificates comprising information for granting 
the user access to at least one additional service based on the at least one service" however 
'840 teaches linking the certificates in col. 16, lines 1-13 

As to dependent claim 60, ^^further comprising: receiving one or more signature- 
verification certificates forming a signature-verification chain, wherein each signature- 
verification certificate in the signature-verification chain is signed with the private key of 
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an entity whose public key is certified by the preceding signature-verification certificate 
and wherein the first signature-verification certificate in the signature-verification chain is 
signed by at least one stored CA public key; and wherein the processing component 
comprises at least one component for authenticating the one or more received digital 
certificates based on the last signature-verification certificate in the signature-verification 
chain" however '840 teaches the preceding key can be used to generate the next key in coL 16, 
lines 1-13. 

As to dependent claim 66, ^^further comprising determining the number of times an 
event has occurred since a prior event" however *840 teaches a user profile is maintained 
based on the number of timeis a user visits a site, this is considered equivalent to a 'prior event' in 
col. 18, line 33 through col. 19, line 17. 

As to dependent claims 6, 9, 18, 22, 23, these claims contain substantially similar 
subject matter as claim 43, 51, 55, 59, and 60; therefore they are rejected along similar rationale. 
11. Claims 7, 8, 44, and 45, are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Murphy et al. US Patent No. 6,226,744 (hereinafter '744) in view of de Jong et al. US Patent No. 
7,085,840 (hereinafter '840) in fiirther view of Chang et al. US Patent No. 6,715,082 (hereinafter 
'082) in ftirther view of Ye et al. US Patent No. 6,067,621 (hereinafter '621). 

As to dependent claim 44, the following is not explicitly taught in the combination of 
teaches of '744 and '840: "further comprising: generating a one-time key and storing it on 
the PAD; based on the one-time key, generating the at least one cookie and sending the . 
generated cookie to the user; receiving the previously generated the at least one cookie, and 
validating the received cookie using the stored one-time key" however '082 teaches "One 
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feature of this aspect is that the identification information includes a usemame and a one-time 
password (OTP); and the step of determining whether the session between the client and the first 
server should be established comprises the step of the first server conmiunicating with a second 
server to determine whether the OTP is currently valid. According to another feature of this 
aspect, the step of communicating with a second server to determine whether the OTP is 
currently valid further includes the steps of the second server determining whether the usemame 
and the OTP were previously cached in memory; and if the usemame and the OTP were not 
previously cached in memory, the second server conmiunicating with a password server to 
determine whether the OTP is currently valid" col. 3, lines 35-49, note the Examiner interprets 
the OTP equivalent to a one-time key. 

It would have been obvious to one of ordinary skill in the art at the time of the invention 
of a user authentication system using a smart card that utilizes cookies taught in '744 and '840 to 
include a means utilize one time keys. One of ordinary skill in the art would have been 
motivated to perform such a modification to reduce security risks while communicating over a 
network see '082 (col. 2, lines 1 1 et seq.). "One method of reducing the security risks that are 
introduced by fixed user identification information is through the use of a Smart card or Token 
card. One type of Token card, the SecurlD card commercially available fi-om Security Dynamics, 
Inc., continually generates a series of random one-time passwords (OTPs) that can be used once 
to login into a network access server. The Token card works in conjunction with a password 
server, such as Security Dynamics* ACE password server, and generates a response that is unique 
for every login. Because the password server generates a unique response for every login 
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attempt, the OTP may only be used once to establish a session. Thus, even if monitored or . 
stolen, the one-time password cannot be reused by an intruder to gain access to a user's account", 
the following is not explicitly taught in the combination of teachings in '744, '840, and '082: 

^^and if the received cookie is successfully validated, invalidating the one-time key 
used in the cookie validation, generating a new one-time key and store it on the PAD, and 
based on the new one-time key, generating a new cookie and sending the new cookie to the 
user" however '621 teaches "The portable terminal uses a card receiver for receiving the IC card 
to determine whether the IC card is input for the first time, a random number memory for reading 
and storing, and then deleting the random numbers of the IC card when the IC card is inserted for 
the first time into the card receiver, a first password generator for generating a one-time 
password by reading the secret key of the IC card and the random number stored in the random 
number memory, a first random number changer for changing the random number stored in the 
random number memory into a predetermined value and storing the changed value in the random 
number memory when a one-time password is generated in the first password generator, and a 
display for displaying the processed results of the terminal and the server." in col. 3, lines 27-42. 

It would have been obvious to one of ordinary skill in the art at the time of the invention 
of a user authentication system using a smart card that utilizes cookies and one-time keys taught 
in '744,'840 and '082 to include a means update the key. One of ordinary skill in the art would 
have been motivated to perform such a modification to provide greater security see '621 (col. 2, 
lines 1 et seq.). "To provide greater security to user authentication, a one-time password may be 
used in which the password is changed each time the user wishes to be authenticated. In this 
method, an unauthorized person caimot reuse a password he or she found or stole from an 
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authorized user because the password is changed each time the user wishes to be authenticated. 
In order to authenticate the identity of the user using the one-time password, a mechanism used 
to generate a one-time password is necessary. If every user uses a terminal of his or her own for 
generating the one-time password, security is enhanced because it is now possible to 
simultaneously confirm what only the user knows and what only the user owns in order to 
authenticate the user". In addition all the prior art references pertain to common subject matter 
of utilizing smartcards, token cards, or IC card. 

As to dependent 45, ^Vherein the content in the one or more cookies comprises 
usage counts indicating the number of times one or more users have used one or more 
services" however teaches "According to one embodiment of the present invention, a Web site 
maintains a profile for the user. One exemplary use of a profile is to track the activity of a user at 
a particular Web site. The profile maintains information regarding the nature of the user 
activities with Vendor A 1 806. For example, the profile may maintain information regarding the 
firequency of visits, the items previously purchased, the items examined but not purchased, the 
preferred shipping method and the preferred payment method, allowing Vendor A 1806 to 
provide intelligent services tailored to the buying pattem of a particular user data set . . . 
According to one embodiment of the present invention, user data required to obtain a new 
service is obtained by dynamically combining the request for new service with at least one user 
data set obtained from a previous enrollment. For example, a user that shops at a first book 
vendor Web site may exhibit one or more preferences for books belonging to certain categories, 
based both on the books purchased at the Web site and on the books examined but not purchased. 
The first book vendor may save this information in a profile. The user may want to use all or part 
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of this information when the user shops at a second book vendor Web site. Accordingly, a 
service request made by the user for service at the second book vendor Web site is automatically 
combined with the profile information used when shopping at the first book vendor Web site, 
thus creating a new profile for use by the user when shopping at the second book vendor Web 
site " in col. 18, line 33 through col. 19, line 17, note the profile, which contains a usage count is 
sent with the cookie. 

As to dependent claims 7 and 8, these claims contain substantially similar subject 
matter as claims 44 and 45; therefore they are rejected along similar rationale. 
12. Claims 19, 24, 26, 56, 61 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Murphy et al. US Patent No. 6,226,744 (hereinafter '744) in view of Teicher et al. US Patent No. 
6,257,486 (hereinafter '486). 

As to dependent claim 56, the following is not explicitly taught in ^744 ^^further 
comprising: disabling the PAD if one or more attempts to authenticate the user based on the 
authenticated user-identification certificate and the one or more user credentials ends in failure" 
however *486 teaches "Also important is an optional feature which disables the smart card if an 
invalid PIN is consecutively entered more than a predetermined number of times. The rationale 
for such a feature is that if a smart card is obtained by an unauthorized person, repeated attempts 
to guess the secret personal identification number by trial and error will most likely resuh in a 
series of invalid entries, which cause the smart card to be disabled. In some smart cards, the 
disabling can be reversed by the issuer (such as when the authorized user has merely forgotten 
the secret personal identification number), and in other smart cards the disabling is permanent 
and renders the smart card completely inoperative. The methods of authentication as used herein 
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include the basic method as shown in FIG. 6 and described above, as well as any of these and 

other variations thereo" in coL 7, lines 10-23. 

It would have been obvious to one of ordinary skill in the art at the time of the invention 

of a user authentication system using a smart card taught in '744 to include a means to disable 

the smartcard. One of ordinary skill in the art would have been motivated to perfonri such a 

modification to improve the security of the smart cards see '486 (coL 10, lines 53 et seq. and 

col. 10, lines 24-38). "The limitations of the prior art discussed above detract from the security 

of smart card systems, and consequently undermine user as well as issuer confidence in the 

employment of smart cards. There is a recognized need for, and it would therefore be highly 

advantageous to have, a smart card and reader which better maintains security of the user's secret 

personal identification number and which does not suffer from these limitations, while at the 

same time preserving the appearance and utility of the commercial smart card as based upon the 

standards for integrated circuit cards. This goal is met by the present invention'' and "The 

"SafePad" smart card reader is a compact device which has an internal authentication unit, and is 

designed to be tamper-resistant. By performing user authentication within such a device, the 

problems indicated in FIG. 9B are intended to be minimized, because access to the internal 

« 

components of the "SafePad" reader is harder to attain than access to the internal components 
and software of a personal computer. It is therefore intended by the manufacturer to be more 
difficuh to compromise the user authentication process with the "SafePad" reader. Nevertheless, 
no device can be made completely tamper-proof, and so the "SafePad" reader merely isolates the 
problems indicated in FIG. 9B but does not completely eliminate them". 
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As to dependent claim 61, ^^further comprising: erasing the PAD private key when 
one or more unauthorized attempts to read or modify the PAD private key are detected" 
however '486 teaches 'furthermore, by having the authentication module normally 
disabled and enabled when presented to a reader, the possibility of a pre-authorization and 
the problems therefrom are removed." in col. 11, lines 14-21, note the Examiner interprets 
disabled equivalent to erasing. 

As to dependent claim 24, the following is not explicitly taught in '744: "wherein the 
PAD is tamper-resistant" however '486 teaches "Furthermore, by having the authentication 
module normally disabled and enabled when presented to a reader, the possibility of a pre- 
authorization and the problems therefrom are removed." in col. 11, lines 14-21, note the prior art 
problems being corrected are described in col. 10, lines 24-38 so that the memory is tamper- 
resistant. 

As to dependent claims 19, 26, these claim contain substantially similar subject matter 
as claim 56, 61 ; therefore they are rejected along similar rationale. 

13. Claims 25, 36, 37, 72, and 73 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Murphy et al. US Patent No. 6,226,744 (hereinafter '744) in view of Geer, Jr. et al. US 
Patent No. 6,192,131 (hereinafter * 131). 

As to dependent claim 25, the following is not explicitly taught in '744: "wherein the 
CA public keys and the PAD private key are written into the PAD only once" however '131 
teaches that smart cards are initialized once by writing private/public keys in col. 2, lines 40-50. 

It would have been obvious to one of ordinary skill in the art at the time of the invention 
of a user authentication system using a smart card taught in '744 to include a means to write 
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encryption keys public/private only one to the PAD. One of ordinary skill in the art would have 
been motivated to perform such a modification to utilize smart cards for authorizing a user in 
transactions see '131 (col. 2, lines 26 et seq.). "With reference to FIG. 1, a system for 
implementing a transaction in accordance with the present invention includes an authorizing 
computer 10, a smart card 12 at authorizing computer 10 that corresponds to a specific user of 
the authorizing computer 10, an authorized computer 14 that is authorized by authorizing 
computer 10 to perform some specific action, and a transaction computer 16 that performs a 
transaction with authorized computer 14 that includes the authorized computer 14 performing the 
authorized action. The system also includes a certifying authority 18 that performs the 
conventional function of certifying the identity of the user to authorized computer 14 and 
transaction computer 16". 

As to dependent claim 72, further comprising: generating the at least one service 
key based on a write-once serial number" however '131 teaches "The authorizing computer 
also creates an identification certificate for the smart card at the authorizing computer and sends 
it to the authorized computer signed with the private key of the user of the smart card (step 27), 
and the authorized computer verifies the authenticity of the signature on the identification 
certificate (step 28) using the public key of the user of the smart card at the authorizing 
computer, which was received by the authorized computer in step 20. The private key of the 
identification certificate for the user of the smart card will be used for encryption (sealing) 
purposes and the private key of the identification certificate for the smart card itself will be used 
for signing purposes. In alternative embodiments it is possible to switch the roles of these private 
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keys" in col. 3, lines 3-15, the serial number is interpreted equivalent to the identification 
certificate for the smart card. 

As to dependent claim 73, '^further comprising: including the serial number in the at 
least one service key" however '131 teaches the serial number sent with the key generated by 
the smartcard in col. 3, lines 3-15. 

As to dependent claims 36 and 37, these claims contain substantially similar subject 
matter as claims 72 and 73; therefore they are rejected along similar rationale. 
14. Claims 28-31, 34, 63-65, 67, and 68, are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Murphy et al. US Patent No. 6,226,744 (hereinafter '744) in view of de Jong et 
al US Patent No. 7,085,840 (hereinafter '840) in ftirther view of Chang et al. US Patent No. 
6,715,082 (hereinafter *082) in fiirther view of Ye et al. US Patent No. 6,067,621 (hereinafter 
'621) in further view of Baird, III et al. US Patent 6,732,278 (hereinafter '278). 

As to dependent claim 63, the following is not explicitly taught in the combination of 
teaching of '744, '840, '082, and '621: "further comprising determining a current date and 
time" however '278 teaches "A more sophisticated smart card includes a small screen that 
displays a different pseudorandom number at a given frequency, once every minute, for instance. 
The user reads the number from the smart card and types it into the device to which access is 
desired. The number serves as a password, albeit one that is changed frequently, to the device. 
The password is based on the current date and time, and the device and the smart card are 
date/time synchronized" in col. 1, line 65 though col. 2, line 8. 

It would have been obvious to one of ordinary skill in the art at the time of the invention 
of a user authentication system using a smart card that utilizes cookies and updatable one-time 
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keys taught in '744/840, '082, and '621 to include a means utilize current date and time. One of 
ordinary skill in the art would have been motivated to perform such a modification to provide 
security easier see '278 (coi. 2, lines 34 et seq.). "There is a need for an apparatus and method 
that can securely authenticate a user to existing online services, without requiring modifications 
to the current access process in use by those services, including especially the process for 
logging on to the site. Further the user should be able to conduct the transaction in a secure 
environment to ensure that transaction is in fact executed as desired". In addition all the prior art 
references pertain to conmion subject matter of utilizing smartcards, token cards, or IC card to 
access the network resources. 

As to dependent claim 64, ^^further comprising: determining if the current date and 
time is within the validity period of the one or more received digital certificates" however 
'278 teaches "At the step 705, the device 101 sends the user identification and computer- 
generated password to the site 105 through an encrypted channel as discussed above. In one 
example secure sites are accessed using the secure sockets layer encryption scheme. A step 706 
controls the password change process. The triggering events or change frequency for the site 
passwords are stored in the preferences database 408. The password can be changed at a 
predetermined frequency (e.g., weekly, monthly) or every time the user logs in to the account. 
Changing the site password at each log-on offers the highest level of security. In any case, if it is 
now time to change the password, the device 101 commands a site 105 to change the user's 
password to a new, randomly generated password. As discussed above, the new password can be 
generated based on the contents of the entropy pool 416. Once the password has been 
successfully changed, the process moves to a step 707 where access is granted to the account and 
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the user's session with the account is controlled by a web browser or an operating system of the 
computer 103, for instance if the site 105 is a resource on a local area network. In one 
embodiment, the steps 706 and 707 occur nearly simultaneously so the process of changing 
passwords presents no perceptible delay to the user. As a result, it is not unreasonable to change 
the password at every log-in" in col. 19, lines 1-23. 

As to dependent claim 65, ^^further comprising determining elapsed time since a 
prior event" however '278 that the password can be changed at each login, this is considered . 
equivalent to a 'prior event' in col. 19, lines 1-23. 

As to dependent claim 67, ^'further comprising: receiving one or more digital 

« 

certificates which contain information for resetting current date and time, elapsed time, 
and a number of times an event has occurred" however '744 teaches the call functions can 
reset in col. 7, lines 35-40. The timers and counters are incorporated in a standard smartcard as 
shown by the prior art references. 

As to dependent claim 68, ^^further comprising: resetting clock, timers or counters 
of the PAD based on information in the one or more digital certificates" however '744 
teaches the call functions can reset in col. 7, lines 35-40 and that the client computer downloads 
control modules and certificates col. 5, lines 52-67. The timers and counters are incorporated in 
a standard smartcard as shown by the prior art references. ' 

As to dependent claim 29, ^^further comprising one or more timers for determining 
time that has elapsed since a timer was reset" however '744 teaches the call functions can 
reset in col. 7, lines 35-40 and that the client computer downloads control modules and 
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certificates col. 5, lines 52-67. The timers and counters are incorporated in a standard smartcard 
as shown by the prior art references. 

As to dependent claim 31, ^Vherein the one or more digital certificates further 
comprise information which may reset clock, timers and counters of the PAD" however 
'744 teaches the call functions can reset in col. 7, lines 35-40 and that the client computer 
downloads control modules and certificates col. 5, lines 52-67. The timers and counters are 
incorporated in a standard smartcard as shown by the prior art references. 

As to dependent claims 28, 30, and 31, these claims contain substantially similar subject 
matter as claims 63-65, 67, and 68; therefore they are rejected along similar rationale. 
14. Claims 32, 33, 35, and 69-71, are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Murphy et al. US Patent No. 6,226,744 (hereinafter '744) in view of de Jong et al. US 
Patent No. 7,085,840 (hereinafter '840) in further view of Chang et al. US Patent No. 6,715,082 
(hereinafter '082) in further view of Ye et al. US Patent No. 6,067,621 (hereinafter '621) in 
further view of Baird, III et al. US Patent 6,732,278 (hereinafter '278) in further view of Teppler 
US Patent 6,792,536 (hereinafter '536). 

As to dependent claim 69, the following is not explicitly taught in the combination of 
teachings of '744, '840, '082, 621, and 278: "further comprising: receiving one or more 
digital certificates which provide a content decryption key and content rights; and checking 
the content rights before outputting the content decryption key as a service key" however 
'536 teaches "Smart Card-enabled Signing of Active Content Smart cards can be used in 
conjunction with Authenticode technology to let end users identify who published a software 
component and verify that no one tampered with it before downloading it from the Intemet. The 
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first step for a developer is to acquire a software publishing certificate for use with 
Authenticode" and in col. 35, lines 9-23. 

It would have been obvious to one of ordinary skill in the art at the time of the invention 
of a user authentication system using a smart card that utilizes current date and time, cookies and 
updatable one-time keys taught in '744,^840, '082, '621, '536, and 278 to include a verify the 
content of data communicated. One of ordinary skill in the art would have been motivated to 
perform such a modification because a means is needed to verify the date and times associated 
with access and creation of files see '536 (col. 1, lines 32 et seq.), "Digital data files come in 
many formats. None of those formats currently provide means for proving-with certainty-dates 
and times associated with access, creation, modification, receipt, or transmission of such digital 
data files. This is not only due to the variety of application programs which are available for 
digital data file access, creation, modification, receipt, and transmission, but also due to the much 
more varied "standards" and protocols put forth in the vain attempt to provide uniformity 
worldwide". In addition all the prior art references pertain to common subject matter of 
utilizing smartcards, token cards, or IC card to access the network resources, i.e. content. 

As to dependent claim 70, ^Vherein the content rights comprise limits on at least 
one of the following: content expiration time, content usage period, content usage count" 
however '536 limits on content usage by time stamping in col. 35, lines 9-23. 

As to dependent claim 71, ^^further comprising: generating timestamps based on the 
current date and time, the timestamps to be included in service keys that the PAD 
generates" however '536 limits on content usage by time stamping in col. 35, lines 9-23. 
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As to dependent claims 32, 33, 35, these claims contain substantially similar subject 
matter as claim 69-71; therefore they are rejected along similar rationale. 

Conclusion 

15. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Ellen C Tran whose telephone nxmiber is 

(571) 272-3842. The examiner can normally be reached from 6:00 am to 4:00 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 

Kambiz Zand can be reached on (571) 272-381 1. The fax phone number for the organization 

where this application or proceeding is assigned is (571) 273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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